French multinational Thales and Australian company Senetas have announced a post quantum cryptography solution for enterprises and governments around the world. Although most experts believe it will still be somewhere between 10 an 30 years before a powerful enough quantum computer is created that can factor a large semi-prime number and hence break the RSA encryption code used for key exchange, there is a concern about an attack that we call “Harvest Now, Decrypt Later”. The “Harvest Now, Decrypt Later” attack could be utilized to collect data that has the characteristics of both high value as well as high shelf life. This could include things like medical records or the design plans for a new military aircraft or other things that would still be useful to know at a time well in the future. The attacker will collect the encrypted data today on a hard drive and hold it for many years until they obtain a large quantum computer and then use it to decrypt and uncover the data.

Source: Expert Survey Published in October 2019 by the Global Risk Institute

So for this reason, some organizations are already starting to put into place quantum resistant encryption capabilities to prevent this type of attack. The U.S. NIST agency has been running a Post Quantum Cryptography standardization competition for several years now and is currently in Round 3 with 7 finalists and 8 alternatives. They are anticipating releasing their final selections in the next year or two.

So even though the NIST selection is not fully completed yet, The Thales/Senetas solution is already supporting the finalist algorithms and will transition to the final selection once that is made. They will adhere to standards from both NIST and the European Telecommunications Standards Institute in their products. For more, you can view a news release published by Thales that is available here.

May 7, 2021